Significant increase in demand of stolen YouTube credentials on dark web

Here’s why there has been an increase in the sale of stolen YouTube credentials on the dark web.

Hackers can use YouTube accounts to spread malware and phishing scams through misguided videos or their descriptions and comment sections without raising any red flags.

A few days ago it was reported that hackers were using YouTube and its comment section to spread malware disguised as fake mobile versions of the famous Valorant game.

Now, Cyber intelligence firm InSights’ security researchers have reported a sudden hike in the demand for stolen YouTube account credentials on the dark web marketplace, mainly for distributing malware, extortion, and launching fraud schemes to trap unsuspecting viewers.

See: Fraud & hacking guides are the most sold item on dark web

The firm’s CSO Etay Maor stated that this demand has abruptly risen in the past few weeks, and the demand is highest for prominent accounts on the popular video-sharing platform.


A survey on the Dark Web revealed that around 80% of the users on the underground marketplace were interested in buying YouTube credentials. The most concerning aspect, according to Maor, is that the original owners of stolen accounts will be vulnerable to blackmail.

“While smaller channels may not be as lucrative as larger ones, YouTubers rely on them as revenue streams and might be willing to pay money to attackers to get their content and access to their channels back,” Maor said in a blog post.

InSights report contains screenshots depicting a seller auctioning more than 680 accounts, some having as many as 40,000 subscribers, at just $400. Such auctions are up for a limited time, such as 24 hours, so that the stolen credentials are sold before the original owner could contact YouTube support to inform about the hacking. InSights revealed that a majority of the credentials are taken either from Google databases or malware-infected devices. Maor states that previously attackers had to rely on a combination of reverse proxy toolkits like Modlishka and phishing techniques to bypass Google’s two-step verification.

However, it is quite surprising that none of the recent sellers have mentioned 2FA, indicating that the stolen accounts weren’t protected with 2FA, which is another point of concern.

See: Russian Hackers Control Malware via Britney Spears Instagram Posts

Though 2FA cannot ensure a hundred percent protection against hacking, it does serve as an additional security step. If the computer is patched properly and credentials are well protected through 2FA, it is possible to thwart such attacks. 

Did you enjoy reading this article? Do like our page on Facebook and follow us on Twitter.

Related Posts